Unable to specify syslog2 type custom provider for archival filtering (NETIQKB72432)

  • 7772432
  • 30-Jun-2010
  • 27-Mar-2012

Environment

Security Manager 6.5

Situation

Unable to specify syslog2 type custom provider for archival filtering

Resolution

The workflow works differently for syslog type. In order to filter data for a syslog provider, you will need to do this at the provider level itself, and not the rule level. The advantage here is that the event will never enter the workflow, making the provider is much more efficient.

Cause

There is not an archival filter rule type for syslog

Additional Information

Formerly known as NETIQKB72432

Feedback service temporarily unavailable. For content questions or problems, please contact Support.